5118 matches found
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (2)
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting 2 source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Compute...
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (1)
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting 1 source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Compute...
showexp.txt
Wait For 8 Seconds... setTimeout function showHelp"mk:@MSITStore:iexplore.chm::..\..\..\..\program files\winamp\skins\xvulnx.wsz::\self-exec.html"; , 8000 ;...
Redirection and refresh parses local file
Redirection and refresh parses local file "that's all" is the end of file if you are in a hurry tested OS:WinXp Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/10/30 demo http://www.safecenter.net/UMBRELLAWEBV4/IredirNrefresh/IredirNrefresh-MyPage.htm exp if an iframe whose SRC points to a...
Opera Web Browser 7 - IFRAME Zone Restriction Bypass
source: https://www.securityfocus.com/bid/8887/info A flaw in the Opera web browsers security model has been discovered that could allow an attacker to access a users filesystem within the Local Zone. The problem occurs when handling malformed HTML iframes which point to local system locations...
mIRC 6.1 ""IRC"" Protocol Remote Buffer Overflow Exploit
No description provided by source. / remote mirc 6.11 exploit by blasty TESTED ON: Windows XP No SP, Ducth Build: 2600.xpclient.010817-1148 A few days ago, I saw a mIRC advisory on packetstorm 1 and was surprised nobody had written an exploit yet. So I decided to start writing one. Since this was...
mIRC 6.1 - IRC Protocol Remote Buffer Overflow
mIRC 6.1 - IRC Protocol Remote Buffer Overflow / remote mirc 998 chars to someone on IRC is simply NOT done : Then I remember the iframe-irc:// flaw found by uuuppzz 2 This exploit will write an malicious HTML file containing an iframe executing the irc:// address. So you can give this to anyone ...
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow
/ remote mirc 998 chars to someone on IRC is simply NOT done : Then I remember the iframe-irc:// flaw found by uuuppzz 2 This exploit will write an malicious HTML file containing an iframe executing the irc:// address. So you can give this to anyone on IRC for example ; The shellcode included doe...
CVE-2003-0604
Windows Media Player WMP 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File://...
CVE-2003-0604
Windows Media Player WMP 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File://...
ProductCart XSS Vulnerability
ProductCart XSS Vulnerability found by atomix i came across the fact that in an area of ProductCart you are able to manipulate the error message, therefore allowing tags such as script and iframe to be used: http://www.website.com/ProductCart/pc/msg.asp?message=scriptalert document.cookie;/script...
Microsoft Internet Explorer 56 - file: Request Zone Bypass
Microsoft Internet Explorer 56 - file: Request Zone Bypass source: https://www.securityfocus.com/bid/7539/info Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained i...
Microsoft Internet Explorer 5/6 - 'file://' Request Zone Bypass
source: https://www.securityfocus.com/bid/7539/info Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be...
Microsoft Internet Explorer 5 - IFrameFrame Cross-SiteZone Script Execution
Microsoft Internet Explorer 5 - IFrameFrame Cross-SiteZone Script Execution source: https://www.securityfocus.com/bid/5672/info When a Microsoft Internet Explorer MSIE window opens another window, security checks should prevent the parent from accessing the child if the latter is of another domai...
CVE-2002-0783
Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL...
Opera 5.126.0 - Frame Location Same Origin Policy Circumvention
Opera 5.126.0 - Frame Location Same Origin Policy Circumvention source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some...
Opera 5.12/6.0 - Frame Location Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some versions of the Opera Browser. It is possible to bypass the same...
CVE-2001-1325
CVE-2001-1325 affects Internet Explorer 5.0/5.5 and Outlook Express 5.0/5.5. The vulnerability allows remote script execution when Active Scripting is disabled if scripts are embedded in XML stylesheets (XSL) loaded via an IFRAME, potentially tied to Windows Scripting Host (WSH). OpenVAS findings...
CVE-1999-1472
This CVE (CVE-1999-1472) affects Internet Explorer 4.0. The vulnerability allows a remote attacker to read arbitrary text and HTML files on the user’s machine by delivering a small IFRAME that uses Dynamic HTML (DHTML) to exfiltrate data (the Freiburg text-viewing issue). The connected records co...
CVE-2000-0662
The CVE-2000-0662 entry describes a vulnerability in Internet Explorer 5.x and Microsoft Outlook where remote attackers can read arbitrary files by redirecting the contents of an IFRAME via the DHTML Edit Control (DHTMLED). The root cause is tied to the DHTMLED component handling dynamic HTML/IFR...